From 87f3c1117ed02a58be98ee304aaf0dba0afd4a06 Mon Sep 17 00:00:00 2001
From: Devon Mackay <devon@dds.mil>
Date: Fri, 27 Jul 2018 10:55:56 -0400
Subject: [PATCH] Add second ingress for atst that is passthrough

Used for CAC auth so SSL termination and client cert validation can be
done by the app
---
 deploy/kubernetes/atst.yml | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/deploy/kubernetes/atst.yml b/deploy/kubernetes/atst.yml
index 94743aec..c7152663 100644
--- a/deploy/kubernetes/atst.yml
+++ b/deploy/kubernetes/atst.yml
@@ -65,3 +65,21 @@ spec:
         backend:
           serviceName: atst
           servicePort: 80
+---
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: atst-cac
+  namespace: atat
+  annotations:
+    nginx.ingress.kubernetes.io/proxy-body-size: 10m
+    ingress.kubernetes.io/ssl-passthrough: "true"
+spec:
+  rules:
+  - host: cac.atat.codes
+    http:
+      paths:
+      - path: /
+        backend:
+          serviceName: atst
+          servicePort: 443